Buggy Microsoft Defender ASR rule deletes Windows app shortcuts
Microsoft has addressed a false positive triggered by a buggy Microsoft Defender ASR rule that would delete application shortcuts from the desktop, the Start menu,…
Category: Bleeping Computer
Govt networks targeted with now-patched SSL-VPN zero-day
Fortinet says unknown attackers exploited a FortiOS SSL-VPN zero-day vulnerability patched last month in attacks against government organizations and government-related targets. The security flaw (CVE-2022-42475)…
MetaMask warns of new ‘Address Poisoning’ cryptocurrency scam
Cryptocurrency wallet provider MetaMask is warning users of a new scam called ‘Address Poisoning’ used to trick users into sending funds to a scammer rather…
Cuba ransomware hacking Exchange servers via OWASSRF flaw
Microsoft says Cuba ransomware threat actors are hacking Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability also exploited in Play ransomware…
Exchange Server 2013 reaches end of support in 90 days
Microsoft warned customers today that Exchange Server 2013 will reach its extended end-of-support (EOS) date 90 days from now, on April 11, 2023. Exchange Server…
Royal Mail cyberattack linked to LockBit ransomware operation
A cyberattack on Royal Mail, UK’s largest mail delivery service, has been linked to the LockBit ransomware operation. Yesterday, the Royal Mail disclosed that they suffered…
Hackers exploit Control Web Panel flaw to open reverse shells
Hackers are actively exploiting a critical vulnerability patched recently in Control Web Panel (CWP), a tool for managing servers formerly known as CentOS Web Panel.…
RAT malware campaign tries to evade detection using polyglot files
Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from…
Microsoft tests live kernel memory dumps in Windows 11 Task Manager
Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows. A…
Android TV box on Amazon came pre-installed with malware
A Canadian system administrator discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware. The malware…
European police takes down call centers behind cryptocurrency scams
Multiple call centers across Europe controlled by a criminal organization involved in online investment fraud were taken down this week following a cross-border investigation started…
Vice Society ransomware claims attack on Australian firefighting service
Australia’s Fire Rescue Victoria has disclosed a data breach caused by a December cyberattack that is now claimed by the Vice Society ransomware gang. Fire…